context::LemmyContext,
post::{EditPost, PostResponse},
request::fetch_site_data,
- utils::{check_community_ban, local_site_to_slur_regex, local_user_view_from_jwt},
+ utils::{
+ check_community_ban,
+ local_site_to_slur_regex,
+ local_user_view_from_jwt,
+ sanitize_html_opt,
+ },
};
use lemmy_db_schema::{
source::{
async fn perform(&self, context: &Data<LemmyContext>) -> Result<PostResponse, LemmyError> {
let data: &EditPost = self;
let local_user_view = local_user_view_from_jwt(&data.auth, context).await?;
- let local_site = LocalSite::read(context.pool()).await?;
+ let local_site = LocalSite::read(&mut context.pool()).await?;
let data_url = data.url.as_ref();
// TODO No good way to handle a clear.
// Issue link: https://github.com/LemmyNet/lemmy/issues/2287
let url = Some(data_url.map(clean_url_params).map(Into::into));
- let body = diesel_option_overwrite(&data.body);
let slur_regex = local_site_to_slur_regex(&local_site);
check_slurs_opt(&data.name, &slur_regex)?;
check_url_scheme(&data.url)?;
let post_id = data.post_id;
- let orig_post = Post::read(context.pool(), post_id).await?;
+ let orig_post = Post::read(&mut context.pool(), post_id).await?;
check_community_ban(
local_user_view.person.id,
orig_post.community_id,
- context.pool(),
+ &mut context.pool(),
)
.await?;
.map(|u| (Some(u.title), Some(u.description), Some(u.embed_video_url)))
.unwrap_or_default();
+ let name = sanitize_html_opt(&data.name);
+ let body = sanitize_html_opt(&data.body);
+ let body = diesel_option_overwrite(body);
+ let embed_title = embed_title.map(|e| sanitize_html_opt(&e));
+ let embed_description = embed_description.map(|e| sanitize_html_opt(&e));
+
let language_id = self.language_id;
CommunityLanguage::is_allowed_community_language(
- context.pool(),
+ &mut context.pool(),
language_id,
orig_post.community_id,
)
.await?;
let post_form = PostUpdateForm::builder()
- .name(data.name.clone())
+ .name(name)
.url(url)
.body(body)
.nsfw(data.nsfw)
.build();
let post_id = data.post_id;
- Post::update(context.pool(), post_id, &post_form)
+ Post::update(&mut context.pool(), post_id, &post_form)
.await
.with_lemmy_type(LemmyErrorType::CouldntUpdatePost)?;